Terms of Service

Last updated: May 20, 2026

1. Acceptance of Terms

By accessing, browsing, or using SiteLeak ("the Service," "we," "us," or "our"), you acknowledge that you have read, understood, and agree to be legally bound by these Terms of Service ("Terms") and our Privacy Policy, which is incorporated herein by reference. If you do not agree to any part of these Terms, you must immediately stop using the Service.

These Terms apply to all visitors, registered users, and any person or entity who accesses or uses the Service in any capacity, worldwide. Use of the Service by a minor requires the verifiable consent of a parent or legal guardian who accepts these Terms on their behalf.

2. Description of the Service

SiteLeak is a passive, read-only web security reconnaissance tool. It sends standard HTTP GET requests to publicly accessible URL paths on a domain you specify, and reports which paths return a response. This mimics the behavior of standard web browsers, search engine crawlers, and publicly documented security auditing methodologies.

Specifically, SiteLeak:

• Does not authenticate to any system, bypass any login, or access any restricted area.
• Does not inject malicious payloads, perform SQL injection, cross-site scripting, or any other active exploit.
• Does not download, store, transmit, or process the contents of any file found during a scan.
• Does not perform port scanning, network mapping, or denial-of-service testing.
• Only retrieves HTTP status codes and minimal response metadata, not file contents.

A "finding" by SiteLeak means only that a specific URL path returned an HTTP response. It does not confirm that sensitive data was accessed, exposed, or compromised. You must independently verify all findings by visiting the URLs yourself.

3. Eligibility

You must be at least 18 years of age (or the age of majority in your jurisdiction) to use the Service. By using the Service, you represent and warrant that you meet this requirement. We reserve the right to refuse access to any person or entity at our sole discretion.

4. Permitted Use

You are authorized to use SiteLeak solely for the following purposes:

• Scanning domain names and web properties that you own, control, or administer.
• Scanning domains or systems for which you have obtained explicit, documented written authorization from the rightful owner or administrator prior to initiating any scan.
• Legitimate personal or organizational security research and auditing on resources you are authorized to test.
• Educational and awareness purposes, including understanding what publicly accessible information may be exposed on your own infrastructure.

Your Responsibility: It is entirely your responsibility to ensure you have the legal right to scan any domain you submit. We do not verify ownership or authorization. Submitting a domain to SiteLeak constitutes your representation that you are authorized to do so.

5. Prohibited Use

You expressly agree not to use the Service, or permit others to use the Service, for any of the following purposes:

• Scanning any domain, website, system, or network for which you do not have explicit authorization from the legal owner or operator.
• Using scan results to exploit, attack, extort, threaten, harass, or harm any individual, business, or organization.
• Sharing, publishing, or disclosing scan results for any domain that is not your own without the express consent of the domain owner.
• Submitting false, fraudulent, or misleading information in connection with your use of the Service.
• Attempting to circumvent, disable, or interfere with any security, rate-limiting, or access control features of the Service.
• Scraping, reverse-engineering, decompiling, or redistributing any portion of the Service, its underlying code, or its outputs at scale.
• Reselling, relicensing, or commercially exploiting the Service or its results without our express written permission.
• Using the Service in any manner that violates any applicable local, state, national, or international law, regulation, or treaty — including but not limited to the Computer Fraud and Abuse Act (CFAA, USA), the Computer Misuse Act (UK), Directive 2013/40/EU (EU), and equivalent laws in your jurisdiction.
• Engaging in any conduct that we determine, in our sole discretion, to be harmful, abusive, or contrary to the spirit of this Service.

6. No Guarantee of Accuracy or Completeness

Scan results are provided strictly on an "as-is" and "as-available" basis. We make no warranty, express or implied, that:

• All exposed files or paths will be detected by any given scan.
• Any specific finding is a "true positive" — some hosting configurations may return HTTP 200 responses for non-existent paths (commonly called "soft 404s"), which may appear as findings.
• A clean scan result indicates your website or infrastructure is secure. It means only that the specific paths we check did not return detectable responses at the time of scanning.
• Results are current, accurate, or applicable to your specific security posture, threat model, or risk environment.

SiteLeak is not a comprehensive security audit and does not replace professional penetration testing, vulnerability assessments, code reviews, or qualified cybersecurity consultation.

7. Rate Limits and Fair Use

Free-tier users are subject to usage rate limits (currently up to 5 scans per hour per IP address) to ensure service quality for all users. We reserve the right to modify, reduce, or eliminate rate limits at any time, without notice. Attempts to circumvent rate limits — through IP rotation, proxy abuse, automated scripting, or other means — constitute a violation of these Terms and may result in immediate termination of access.

8. Disclaimer of Warranties

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, ACCURACY, NON-INFRINGEMENT, TITLE, OR UNINTERRUPTED AVAILABILITY.

WE DO NOT WARRANT THAT THE SERVICE WILL BE ERROR-FREE, SECURE, UNINTERRUPTED, OR FREE FROM VIRUSES OR OTHER HARMFUL COMPONENTS. WE DO NOT WARRANT THAT ANY DEFECTS WILL BE CORRECTED OR THAT THE SERVICE WILL MEET YOUR REQUIREMENTS OR EXPECTATIONS.

Some jurisdictions do not allow the exclusion of implied warranties. In such jurisdictions, the above exclusions apply only to the maximum extent permitted by law.

9. Limitation of Liability

TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL SITELEAK, ITS OPERATORS, OWNERS, EMPLOYEES, CONTRACTORS, AFFILIATES, LICENSORS, OR AGENTS BE LIABLE FOR ANY:

• INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, PUNITIVE, OR EXEMPLARY DAMAGES;
• LOSS OF PROFITS, REVENUE, DATA, BUSINESS, GOODWILL, OR ANTICIPATED SAVINGS;
• DAMAGES ARISING FROM UNAUTHORIZED ACCESS TO OR ALTERATION OF YOUR TRANSMISSIONS OR DATA;
• DAMAGES ARISING FROM ANY THIRD-PARTY CONDUCT OR THIRD-PARTY SITES OR SERVICES;
• DAMAGES ARISING FROM ANY SECURITY INCIDENT, DATA BREACH, OR CYBERATTACK THAT OCCURS BEFORE, DURING, OR AFTER A SCAN;
• OR ANY OTHER LOSS OR DAMAGE ARISING OUT OF OR IN CONNECTION WITH YOUR USE OF OR INABILITY TO USE THE SERVICE;

WHETHER BASED ON CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY, OR ANY OTHER LEGAL THEORY, EVEN IF WE HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

OUR TOTAL CUMULATIVE LIABILITY TO YOU FOR ALL CLAIMS ARISING OUT OF OR RELATING TO THESE TERMS OR THE SERVICE SHALL NOT EXCEED THE GREATER OF (A) THE TOTAL AMOUNT YOU PAID US FOR THE SERVICE IN THE 12 MONTHS PRECEDING THE CLAIM, OR (B) USD $10.00.

SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF CERTAIN TYPES OF DAMAGES. IN SUCH JURISDICTIONS, OUR LIABILITY SHALL BE LIMITED TO THE MAXIMUM EXTENT PERMITTED BY LAW.

10. Indemnification

You agree to defend, indemnify, and hold harmless SiteLeak, its operators, owners, employees, contractors, affiliates, successors, and assigns from and against any and all claims, damages, losses, liabilities, costs, and expenses (including reasonable legal fees and attorney's fees) arising out of or in connection with:

• Your use or misuse of the Service;
• Your violation of any provision of these Terms;
• Your violation of any applicable law, regulation, or third-party right (including intellectual property rights or privacy rights);
• Any unauthorized scanning you conduct using the Service;
• Any content, domain, or information you submit to the Service;
• Any claim by a third party that arises from your actions in connection with the Service.

We reserve the right, at our own expense, to assume exclusive defense and control of any matter subject to indemnification by you, in which case you agree to cooperate with our defense of such claim.

11. Intellectual Property

All content, code, algorithms, branding, trademarks, trade dress, design, documentation, and other intellectual property rights associated with SiteLeak are owned by us or our licensors and are protected by applicable intellectual property laws worldwide. Nothing in these Terms grants you any ownership rights in or to the Service.

You may not copy, modify, distribute, publicly display, publicly perform, reverse-engineer, decompile, disassemble, create derivative works of, or otherwise exploit any part of the Service without our express prior written consent.

Scan results generated for your domains are provided for your personal or organizational use only. Bulk redistribution, commercialization, or republication of scan result data is prohibited without our written authorization.

12. Third-Party Links and Services

The Service may contain links to third-party websites, tools, or services. We have no control over and assume no responsibility for the content, privacy policies, practices, or availability of any third-party sites or services. Your access to and use of any third-party site or service is entirely at your own risk and subject to that third party's own terms and policies.

13. Privacy

Our collection and use of information in connection with the Service is governed by our Privacy Policy, which is incorporated by reference into these Terms. By using the Service, you consent to the collection and use of your information as described in our Privacy Policy.

14. Digital Millennium Copyright Act (DMCA)

We respect intellectual property rights. If you believe that any content available through the Service infringes your copyright, please send a written notice to [email protected] containing: (a) identification of the copyrighted work, (b) identification of the allegedly infringing material and its location, (c) your contact information, (d) a statement that you have a good-faith belief that the use is not authorized by the copyright owner, and (e) a statement under penalty of perjury that the information in your notice is accurate and that you are the copyright owner or authorized to act on their behalf.

15. Modifications to the Service

We reserve the right to modify, suspend, discontinue, or limit any aspect of the Service — including features, pricing, scan paths, and availability — at any time, with or without notice, and without liability to you or any third party. We may also impose limits on certain features or restrict access to parts or all of the Service.

16. Modifications to These Terms

We may revise these Terms at any time by updating this page and changing the "Last updated" date. Material changes will be announced where reasonably practicable (e.g., on our homepage or via email). Your continued use of the Service following any revision constitutes your binding acceptance of the revised Terms. We encourage you to review this page periodically.

17. Termination

We reserve the right, in our sole and absolute discretion, to suspend, restrict, or permanently terminate your access to the Service — at any time, for any reason or no reason, without prior notice or liability — including but not limited to violations of these Terms. Upon termination, all rights granted to you under these Terms immediately cease. Provisions of these Terms that by their nature should survive termination shall survive, including but not limited to Sections 8, 9, 10, 11, 18, 19, and 20.

18. Dispute Resolution and Arbitration

PLEASE READ THIS SECTION CAREFULLY. IT AFFECTS YOUR LEGAL RIGHTS.

Any dispute, claim, or controversy arising out of or relating to these Terms or the Service ("Dispute") shall first be attempted to be resolved through good-faith informal negotiation by contacting us at [email protected]. If the Dispute cannot be resolved informally within 30 days, it shall be submitted to binding individual arbitration, not class action, conducted in the English language.

Class Action Waiver: You expressly waive any right to participate in any class action lawsuit or class-wide arbitration against SiteLeak. All claims must be brought in your individual capacity only.

Nothing in this section prevents either party from seeking emergency injunctive or equitable relief from a court of competent jurisdiction to prevent irreparable harm pending arbitration.

19. Governing Law and Jurisdiction

These Terms shall be governed by and construed in accordance with applicable law, without regard to conflicts of law principles. To the extent a court of competent jurisdiction is required to adjudicate any Dispute not subject to arbitration, you consent to the exclusive personal jurisdiction of such court.

Users accessing the Service from outside the applicable jurisdiction do so at their own initiative and are solely responsible for compliance with all applicable local laws. We make no representation that the Service is appropriate or legal in all jurisdictions.

20. Compliance with Export Laws

You agree to comply with all applicable export control laws and regulations, including but not limited to U.S. Export Administration Regulations and applicable sanctions programs. You represent and warrant that you are not located in, under the control of, or a national or resident of any country or territory subject to comprehensive international sanctions.

21. Notices

All notices and communications required or permitted under these Terms shall be in writing and delivered to us by email at [email protected]. We may provide notices to you via the email address you have provided (if any) or by posting notice on the Service.

22. Severability

If any provision of these Terms is held by a court of competent jurisdiction to be invalid, illegal, or unenforceable, that provision shall be modified to the minimum extent necessary to make it enforceable, and the remaining provisions of these Terms shall continue in full force and effect.

23. Entire Agreement

These Terms, together with the Privacy Policy and any other policies or agreements incorporated herein by reference, constitute the entire agreement between you and SiteLeak with respect to the Service, and supersede all prior or contemporaneous understandings, agreements, representations, or warranties relating to the Service.

24. Waiver

Our failure to enforce any provision of these Terms shall not constitute a waiver of our right to enforce such provision in the future or any other provision of these Terms.

25. Contact

If you have questions, concerns, or requests regarding these Terms, please contact us at [email protected] or visit our Contact page.